Merge pull request #526 from ehang-io/dev, close #483

Dev
2020-05-07 23:52:16 +08:00 · 2020-05-07 23:52:16 +08:00 · e6b825dfc9
parent c9b755360c 55c263902e
commit e6b825dfc9
26 changed files with 234 additions and 127 deletions
--- a/bridge/bridge.go
+++ b/bridge/bridge.go
@ -41,28 +41,30 @@ func NewClient(t, f *nps_mux.Mux, s *conn.Conn, vs string) *Client {
 }

 type Bridge struct {
-	TunnelPort  int //通信隧道端口
-	Client      sync.Map
-	Register    sync.Map
-	tunnelType  string //bridge type kcp or tcp
-	OpenTask    chan *file.Tunnel
-	CloseTask   chan *file.Tunnel
-	CloseClient chan int
-	SecretChan  chan *conn.Secret
-	ipVerify    bool
-	runList     sync.Map //map[int]interface{}
+	TunnelPort     int //通信隧道端口
+	Client         sync.Map
+	Register       sync.Map
+	tunnelType     string //bridge type kcp or tcp
+	OpenTask       chan *file.Tunnel
+	CloseTask      chan *file.Tunnel
+	CloseClient    chan int
+	SecretChan     chan *conn.Secret
+	ipVerify       bool
+	runList        sync.Map //map[int]interface{}
+	disconnectTime int
 }

-func NewTunnel(tunnelPort int, tunnelType string, ipVerify bool, runList sync.Map) *Bridge {
+func NewTunnel(tunnelPort int, tunnelType string, ipVerify bool, runList sync.Map, disconnectTime int) *Bridge {
 	return &Bridge{
-		TunnelPort:  tunnelPort,
-		tunnelType:  tunnelType,
-		OpenTask:    make(chan *file.Tunnel),
-		CloseTask:   make(chan *file.Tunnel),
-		CloseClient: make(chan int),
-		SecretChan:  make(chan *conn.Secret),
-		ipVerify:    ipVerify,
-		runList:     runList,
+		TunnelPort:     tunnelPort,
+		tunnelType:     tunnelType,
+		OpenTask:       make(chan *file.Tunnel),
+		CloseTask:      make(chan *file.Tunnel),
+		CloseClient:    make(chan int),
+		SecretChan:     make(chan *conn.Secret),
+		ipVerify:       ipVerify,
+		runList:        runList,
+		disconnectTime: disconnectTime,
 	}
 }

@ -242,7 +244,7 @@ func (s *Bridge) typeDeal(typeVal string, c *conn.Conn, id int, vs string) {
 		go s.GetHealthFromClient(id, c)
 		logs.Info("clientId %d connection succeeded, address:%s ", id, c.Conn.RemoteAddr())
 	case common.WORK_CHAN:
-		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType)
+		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType, s.disconnectTime)
 		if v, ok := s.Client.LoadOrStore(id, NewClient(muxConn, nil, nil, vs)); ok {
 			v.(*Client).tunnel = muxConn
 		}
@ -263,7 +265,7 @@ func (s *Bridge) typeDeal(typeVal string, c *conn.Conn, id int, vs string) {
 			logs.Error("secret error, failed to match the key successfully")
 		}
 	case common.WORK_FILE:
-		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType)
+		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType, s.disconnectTime)
 		if v, ok := s.Client.LoadOrStore(id, NewClient(nil, muxConn, nil, vs)); ok {
 			v.(*Client).file = muxConn
 		}
--- a/build.sh
+++ b/build.sh
@ -1,5 +1,5 @@
 #/bash/sh
-export VERSION=0.26.6
+export VERSION=0.26.7
 export GOPROXY=direct

 sudo apt-get update
--- a/client/client.go
+++ b/client/client.go
@ -28,10 +28,11 @@ type TRPClient struct {
 	signal         *conn.Conn
 	ticker         *time.Ticker
 	cnf            *config.Config
+	disconnectTime int
 }

 //new client
-func NewRPClient(svraddr string, vKey string, bridgeConnType string, proxyUrl string, cnf *config.Config) *TRPClient {
+func NewRPClient(svraddr string, vKey string, bridgeConnType string, proxyUrl string, cnf *config.Config, disconnectTime int) *TRPClient {
 	return &TRPClient{
 		svrAddr:        svraddr,
 		p2pAddr:        make(map[string]string, 0),
@ -39,6 +40,7 @@ func NewRPClient(svraddr string, vKey string, bridgeConnType string, proxyUrl st
 		bridgeConnType: bridgeConnType,
 		proxyUrl:       proxyUrl,
 		cnf:            cnf,
+		disconnectTime: disconnectTime,
 	}
 }

@ -138,7 +140,7 @@ func (s *TRPClient) newUdpConn(localAddr, rAddr string, md5Password string) {
 			conn.SetUdpSession(udpTunnel)
 			logs.Trace("successful connection with client ,address %s", udpTunnel.RemoteAddr().String())
 			//read link info from remote
-			conn.Accept(nps_mux.NewMux(udpTunnel, s.bridgeConnType), func(c net.Conn) {
+			conn.Accept(nps_mux.NewMux(udpTunnel, s.bridgeConnType, s.disconnectTime), func(c net.Conn) {
 				go s.handleChan(c)
 			})
 			break
@ -153,7 +155,7 @@ func (s *TRPClient) newChan() {
 		logs.Error("connect to ", s.svrAddr, "error:", err)
 		return
 	}
-	s.tunnel = nps_mux.NewMux(tunnel.Conn, s.bridgeConnType)
+	s.tunnel = nps_mux.NewMux(tunnel.Conn, s.bridgeConnType, s.disconnectTime)
 	for {
 		src, err := s.tunnel.Accept()
 		if err != nil {
--- a/client/control.go
+++ b/client/control.go
@ -175,7 +175,7 @@ re:
 	} else {
 		logs.Notice("web access login username:%s password:%s", cnf.CommonConfig.Client.WebUserName, cnf.CommonConfig.Client.WebPassword)
 	}
-	NewRPClient(cnf.CommonConfig.Server, vkey, cnf.CommonConfig.Tp, cnf.CommonConfig.ProxyUrl, cnf).Start()
+	NewRPClient(cnf.CommonConfig.Server, vkey, cnf.CommonConfig.Tp, cnf.CommonConfig.ProxyUrl, cnf, cnf.CommonConfig.DisconnectTime).Start()
 	CloseLocalServer()
 	goto re
 }
--- a/client/local.go
+++ b/client/local.go
@ -73,7 +73,7 @@ func startLocalFileServer(config *config.CommonConfig, t *file.Tunnel, vkey stri
 	}
 	logs.Info("start local file system, local path %s, strip prefix %s ,remote port %s ", t.LocalPath, t.StripPre, t.Ports)
 	fileServer = append(fileServer, srv)
-	listener := nps_mux.NewMux(remoteConn.Conn, common.CONN_TCP)
+	listener := nps_mux.NewMux(remoteConn.Conn, common.CONN_TCP, config.DisconnectTime)
 	logs.Error(srv.Serve(listener))
 }

@ -214,6 +214,6 @@ func newUdpConn(localAddr string, config *config.CommonConfig, l *config.LocalSe
 	logs.Trace("successful create a connection with server", remoteAddress)
 	conn.SetUdpSession(udpTunnel)
 	udpConn = udpTunnel
-	muxSession = nps_mux.NewMux(udpConn, "kcp")
+	muxSession = nps_mux.NewMux(udpConn, "kcp", config.DisconnectTime)
 	p2pNetBridge = &p2pBridge{}
 }
--- a/cmd/npc/npc.go
+++ b/cmd/npc/npc.go
@ -21,23 +21,24 @@ import (
 )

 var (
-	serverAddr   = flag.String("server", "", "Server addr (ip:port)")
-	configPath   = flag.String("config", "", "Configuration file path")
-	verifyKey    = flag.String("vkey", "", "Authentication key")
-	logType      = flag.String("log", "stdout", "Log output mode（stdout|file）")
-	connType     = flag.String("type", "tcp", "Connection type with the server（kcp|tcp）")
-	proxyUrl     = flag.String("proxy", "", "proxy socks5 url(eg:socks5://111:222@127.0.0.1:9007)")
-	logLevel     = flag.String("log_level", "7", "log level 0~7")
-	registerTime = flag.Int("time", 2, "register time long /h")
-	localPort    = flag.Int("local_port", 2000, "p2p local port")
-	password     = flag.String("password", "", "p2p password flag")
-	target       = flag.String("target", "", "p2p target")
-	localType    = flag.String("local_type", "p2p", "p2p target")
-	logPath      = flag.String("log_path", "", "npc log path")
-	debug        = flag.Bool("debug", true, "npc debug")
-	pprofAddr    = flag.String("pprof", "", "PProf debug addr (ip:port)")
-	stunAddr     = flag.String("stun_addr", "stun.stunprotocol.org:3478", "stun server address (eg:stun.stunprotocol.org:3478)")
-	ver          = flag.Bool("version", false, "show current version")
+	serverAddr     = flag.String("server", "", "Server addr (ip:port)")
+	configPath     = flag.String("config", "", "Configuration file path")
+	verifyKey      = flag.String("vkey", "", "Authentication key")
+	logType        = flag.String("log", "stdout", "Log output mode（stdout|file）")
+	connType       = flag.String("type", "tcp", "Connection type with the server（kcp|tcp）")
+	proxyUrl       = flag.String("proxy", "", "proxy socks5 url(eg:socks5://111:222@127.0.0.1:9007)")
+	logLevel       = flag.String("log_level", "7", "log level 0~7")
+	registerTime   = flag.Int("time", 2, "register time long /h")
+	localPort      = flag.Int("local_port", 2000, "p2p local port")
+	password       = flag.String("password", "", "p2p password flag")
+	target         = flag.String("target", "", "p2p target")
+	localType      = flag.String("local_type", "p2p", "p2p target")
+	logPath        = flag.String("log_path", "", "npc log path")
+	debug          = flag.Bool("debug", true, "npc debug")
+	pprofAddr      = flag.String("pprof", "", "PProf debug addr (ip:port)")
+	stunAddr       = flag.String("stun_addr", "stun.stunprotocol.org:3478", "stun server address (eg:stun.stunprotocol.org:3478)")
+	ver            = flag.Bool("version", false, "show current version")
+	disconnectTime = flag.Int("disconnect_timeout", 60, "not receiving check packet times, until timeout will disconnect the client")
 )

 func main() {
@ -218,6 +219,7 @@ func run() {
 		commonConfig.Client = new(file.Client)
 		commonConfig.Client.Cnf = new(file.Config)
 		go client.StartLocalServer(localServer, commonConfig)
+		return
 	}
 	env := common.GetEnvMap()
 	if *serverAddr == "" {
@ -230,7 +232,7 @@ func run() {
 	if *verifyKey != "" && *serverAddr != "" && *configPath == "" {
 		go func() {
 			for {
-				client.NewRPClient(*serverAddr, *verifyKey, *connType, *proxyUrl, nil).Start()
+				client.NewRPClient(*serverAddr, *verifyKey, *connType, *proxyUrl, nil, *disconnectTime).Start()
 				logs.Info("It will be reconnected in five seconds")
 				time.Sleep(time.Second * 5)
 			}
--- a/cmd/npc/sdk.go
+++ b/cmd/npc/sdk.go
@ -16,7 +16,7 @@ func StartClientByVerifyKey(serverAddr, verifyKey, connType, proxyUrl *C.char) i
 	if cl != nil {
 		cl.Close()
 	}
-	cl = client.NewRPClient(C.GoString(serverAddr), C.GoString(verifyKey), C.GoString(connType), C.GoString(proxyUrl), nil)
+	cl = client.NewRPClient(C.GoString(serverAddr), C.GoString(verifyKey), C.GoString(connType), C.GoString(proxyUrl), nil, 60)
 	go func() {
 		cl.Start()
 		return
--- a/cmd/nps/nps.go
+++ b/cmd/nps/nps.go
@ -1,14 +1,6 @@
 package main

 import (
-	"ehang.io/nps/lib/crypt"
-	"ehang.io/nps/lib/file"
-	"ehang.io/nps/lib/install"
-	"ehang.io/nps/lib/version"
-	"ehang.io/nps/server"
-	"ehang.io/nps/server/connection"
-	"ehang.io/nps/server/tool"
-	"ehang.io/nps/web/routers"
 	"flag"
 	"log"
 	"os"
@ -18,7 +10,16 @@ import (
 	"strings"
 	"sync"

+	"ehang.io/nps/lib/file"
+	"ehang.io/nps/lib/install"
+	"ehang.io/nps/lib/version"
+	"ehang.io/nps/server"
+	"ehang.io/nps/server/connection"
+	"ehang.io/nps/server/tool"
+	"ehang.io/nps/web/routers"
+
 	"ehang.io/nps/lib/common"
+	"ehang.io/nps/lib/crypt"
 	"ehang.io/nps/lib/daemon"
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego/logs"
@ -200,8 +201,13 @@ func run() {
 	}
 	logs.Info("the version of server is %s ,allow client core version to be %s", version.VERSION, version.GetVersion())
 	connection.InitConnectionService()
-	crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key"))
+	//crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key"))
+	crypt.InitTls()
 	tool.InitAllowPort()
 	tool.StartSystemInfo()
-	go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type"))
+	timeout, err := beego.AppConfig.Int("disconnect_timeout")
+	if err != nil {
+		timeout = 60
+	}
+	go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type"), timeout)
 }
--- a/conf/npc.conf
+++ b/conf/npc.conf
@ -13,6 +13,7 @@ web_password=1234
 crypt=true
 compress=true
 #pprof_addr=0.0.0.0:9999
+disconnect_timeout=60

 [health_check_test1]
 health_check_timeout=1
--- a/conf/nps.conf
+++ b/conf/nps.conf
@ -80,3 +80,6 @@ http_add_origin_header=false
 #pprof debug options
 #pprof_ip=0.0.0.0
 #pprof_port=9999
+
+#client disconnect timeout
+disconnect_timeout=60
--- a/docs/_coverpage.md
+++ b/docs/_coverpage.md
@ -1,6 +1,6 @@
 ![logo](logo.svg)

-# NPS <small>0.26.6</small>
+# NPS <small>0.26.7</small>

 > 一款轻量级、高性能、功能强大的内网穿透代理服务器

--- a/docs/feature.md
+++ b/docs/feature.md
@ -16,8 +16,7 @@
 ## 加密传输

 如果公司内网防火墙对外网访问进行了流量识别与屏蔽，例如禁止了ssh协议等，通过设置 配置文件，将服务端与客户端之间的通信内容加密传输，将会有效防止流量被拦截。
- nps使用tls加密，所以一定要保留conf目录下的密钥文件，同时也可以自行生成
- 在web管理或客户端配置文件中设置
+- nps现在默认每次启动时随机生成tls证书，用于加密传输



@ -244,3 +243,8 @@ LevelInformational->6 LevelDebug->7
 可在服务端与客户端配置中开启pprof端口，用于性能分析与调试，注释或留空相应参数为关闭。

 默认为关闭状态
+
+## 自定义客户端超时检测断开时间
+
+客户端与服务端间会间隔5s相互发送延迟测量包，这个时间间隔不可修改。
+可修改延迟测量包丢包的次数，默认为60也就是5分钟都收不到一个延迟测量回包，则会断开客户端连接。
--- a/go.mod
+++ b/go.mod
@ -3,8 +3,8 @@ module ehang.io/nps
 go 1.13

 require (
-	ehang.io/nps-mux v0.0.0-20200319121657-f4af26331c9f
-	fyne.io/fyne v1.2.3
+	ehang.io/nps-mux v0.0.0-20200407130948-165521618e58
+	fyne.io/fyne v1.2.4
 	github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect
 	github.com/astaxie/beego v1.12.0
 	github.com/bradfitz/iter v0.0.0-20191230175014-e8f45d346db8 // indirect
@ -16,14 +16,15 @@ require (
 	github.com/hooklift/assert v0.0.0-20170704181755-9d1defd6d214 // indirect
 	github.com/kardianos/service v1.0.0
 	github.com/klauspost/pgzip v1.2.1 // indirect
+	github.com/klauspost/reedsolomon v1.9.6 // indirect
 	github.com/panjf2000/ants/v2 v2.3.1
 	github.com/pkg/errors v0.9.1
 	github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644 // indirect
 	github.com/shirou/gopsutil v2.19.11+incompatible
 	github.com/xtaci/kcp-go v5.4.20+incompatible
-	golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6 // indirect
-	golang.org/x/net v0.0.0-20200301022130-244492dfa37a
-	golang.org/x/sys v0.0.0-20200317113312-5766fd39f98d // indirect
+	golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 // indirect
+	golang.org/x/net v0.0.0-20200506145744-7e3656a0809f
+	golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 // indirect
 )

 replace github.com/astaxie/beego => github.com/exfly/beego v1.12.0-export-init
--- a/go.sum
+++ b/go.sum
@ -1,7 +1,7 @@
-ehang.io/nps-mux v0.0.0-20200319121657-f4af26331c9f h1:uAc/HZ939kibvYzVCPc1kp24PEjxxJy/N4Gs3Ybpm1Q=
-ehang.io/nps-mux v0.0.0-20200319121657-f4af26331c9f/go.mod h1:hTpHjFEac582vs7OjOaN8R2o3EOPOs2qeBeqTvIQAgs=
-fyne.io/fyne v1.2.3 h1:5xwtSBNjxxmg+GF/lYvvf4xPzyjgWQoJVrzb+bt5gaA=
-fyne.io/fyne v1.2.3/go.mod h1:JhDdBrPP/Kdr1H5ZT3HW8E/6zlz+GkOldWqSirGBDnY=
+ehang.io/nps-mux v0.0.0-20200407130948-165521618e58 h1:KGA7iiDIA+taxu5Dvh4/oRDCWnSsPKElCjqvdaPagI0=
+ehang.io/nps-mux v0.0.0-20200407130948-165521618e58/go.mod h1:hTpHjFEac582vs7OjOaN8R2o3EOPOs2qeBeqTvIQAgs=
+fyne.io/fyne v1.2.4 h1:QN5GQEZ9FANvFxkIQLQ5qnmmpSwBAoDiH8hQiuz2Zyo=
+fyne.io/fyne v1.2.4/go.mod h1:nsGex1XH/8p/kq6KiQV4bNu0XTKaFJRbZEOOj4fqJF8=
 github.com/Knetic/govaluate v3.0.0+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
 github.com/Kodeworks/golang-image-ico v0.0.0-20141118225523-73f0f4cfade9/go.mod h1:7uhhqiBaR4CpN0k9rMjOtjpcfGd6DG2m04zQxKnWQ0I=
 github.com/OwnLocal/goes v1.0.0/go.mod h1:8rIFjBGTue3lCU0wplczcUgt9Gxgrkkrw7etMIcn8TM=
@ -37,6 +37,8 @@ github.com/exfly/beego v1.12.0-export-init h1:VQNYKdXhAwZGUaFmQv8Aj921O3rQJZRIF8
 github.com/exfly/beego v1.12.0-export-init/go.mod h1:fysx+LZNZKnvh4GED/xND7jWtjCR6HzydR2Hh2Im57o=
 github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fyne-io/mobile v0.0.1 h1:Skc/XcZy1ZNdBanhZB9D8114fU4K+kSi5QZXuG6JPeQ=
+github.com/fyne-io/mobile v0.0.1/go.mod h1:/kOrWrZB6sasLbEy2JIvr4arEzQTXBTZGb3Y96yWbHY=
 github.com/go-gl/gl v0.0.0-20190320180904-bf2b1f2f34d7 h1:SCYMcCJ89LjRGwEa0tRluNRiMjZHalQZrVrvTbPh+qw=
 github.com/go-gl/gl v0.0.0-20190320180904-bf2b1f2f34d7/go.mod h1:482civXOzJJCPzJ4ZOX/pwvXBWSnzD4OKMdH4ClKGbk=
 github.com/go-gl/glfw v0.0.0-20181213070059-819e8ce5125f h1:7MsFMbSn8Lcw0blK4+NEOf8DuHoOBDhJsHz04yh13pM=
@ -62,10 +64,14 @@ github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0
 github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/cpuid v1.2.3 h1:CCtW0xUnWGVINKvE/WWOYKdsPV6mawAtvQuSl8guwQs=
 github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
+github.com/klauspost/cpuid v1.2.4 h1:EBfaK0SWSwk+fgk6efYFWdzl8MwRWoOO1gkmiaTXPW4=
+github.com/klauspost/cpuid v1.2.4/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/pgzip v1.2.1 h1:oIPZROsWuPHpOdMVWLuJZXwgjhrW8r1yEX8UqMyeNHM=
 github.com/klauspost/pgzip v1.2.1/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs=
 github.com/klauspost/reedsolomon v1.9.3 h1:N/VzgeMfHmLc+KHMD1UL/tNkfXAt8FnUqlgXGIduwAY=
 github.com/klauspost/reedsolomon v1.9.3/go.mod h1:CwCi+NUr9pqSVktrkN+Ondf06rkhYZ/pcNv7fu+8Un4=
+github.com/klauspost/reedsolomon v1.9.6 h1:sXZANEgYACIcmbk90z6MV4XL29d0Lm6AFleWRPZJxi8=
+github.com/klauspost/reedsolomon v1.9.6/go.mod h1:+8WD025Xpby8/kG5h/HDPIFhiiuGEtZOKw+5Y4drAD8=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
 github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
@ -90,8 +96,8 @@ github.com/siddontang/ledisdb v0.0.0-20181029004158-becf5f38d373/go.mod h1:mF1Dp
 github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/srwiley/oksvg v0.0.0-20190829233741-58e08c8fe40e h1:LJUrNHytcMXWKxnULIHPe5SCb1jDpO9o672VB1x2EuQ=
-github.com/srwiley/oksvg v0.0.0-20190829233741-58e08c8fe40e/go.mod h1:afMbS0qvv1m5tfENCwnOdZGOF8RGR/FsZ7bvBxQGZG4=
+github.com/srwiley/oksvg v0.0.0-20200311192757-870daf9aa564 h1:HunZiaEKNGVdhTRQOVpMmj5MQnGnv+e8uZNu3xFLgyM=
+github.com/srwiley/oksvg v0.0.0-20200311192757-870daf9aa564/go.mod h1:afMbS0qvv1m5tfENCwnOdZGOF8RGR/FsZ7bvBxQGZG4=
 github.com/srwiley/rasterx v0.0.0-20181219215540-696f7edb7a7e h1:FFotfUvew9Eg02LYRl8YybAnm0HCwjjfY5JlOI1oB00=
 github.com/srwiley/rasterx v0.0.0-20181219215540-696f7edb7a7e/go.mod h1:mvWM0+15UqyrFKqdRjY6LuAVJR0HOVhJlEgZ5JWtSWU=
 github.com/ssdb/gossdb v0.0.0-20180723034631-88f6b59b84ec/go.mod h1:QBvMkMya+gXctz3kmljlUCu/yB3GZ6oee+dUozsezQE=
@ -117,34 +123,41 @@ github.com/xtaci/lossyconn v0.0.0-20190602105132-8df528c0c9ae/go.mod h1:gXtu8J62
 golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85 h1:et7+NAX3lLIk5qUCTA9QelBjGE/NkhzYw/mhnr0s7nI=
 golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191219195013-becbf705a915/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073 h1:xMPOj6Pz6UipU1wXLkrtqpHbR0AVFnyPEQq/wRWz9lM=
 golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6 h1:TjszyFsQsyZNHwdVdZ5m7bjmreu0znc2kRYsEml9/Ww=
-golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8 h1:idBdZTd9UioThJp8KpM/rTSinK/ChZFBE43/WtIy8zg=
-golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 h1:IaQbIIB2X/Mp/DKctl6ROxz1KyMlKp4uyvL6+kQ7C88=
+golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028 h1:4+4C/Iv2U4fMZBiMCc98MG1In4gJY5YRhtpDNeDeHWs=
-golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a h1:gOpx8G595UYyvj8UK4+OFyY4rx037g3fmfhe5SasG3U=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0=
 golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200506145744-7e3656a0809f h1:QBjCr1Fz5kw158VqdE9JfI9cJnl/ymnJWAdMuinqL7Y=
+golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 h1:uYVVQ9WP/Ds2ROhcaGPeIdVq0RIXVLwsHlnvJ+cT1So=
 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200317113312-5766fd39f98d h1:62ap6LNOjDU6uGmKXHJbSfciMoV+FeI1sRXx/pLDL44=
-golang.org/x/sys v0.0.0-20200317113312-5766fd39f98d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 h1:5B6i6EAiSYyejWfvc5Rc9BbI3rzIsrrXfAQBWnYfn+w=
+golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20190808195139-e713427fea3f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE=
--- a/gui/npc/AndroidManifest.xml
+++ b/gui/npc/AndroidManifest.xml
@ -3,7 +3,7 @@
        xmlns:android="http://schemas.android.com/apk/res/android"
        package="org.nps.client"
        android:versionCode="1"
-        android:versionName="0.26.6">
+        android:versionName="0.26.7">

    <application android:label="Npc" android:debuggable="true">
        <activity android:name="org.golang.app.GoNativeActivity"
--- a/gui/npc/npc.go
+++ b/gui/npc/npc.go
@ -32,10 +32,11 @@ func main() {
 }

 var (
-	start    bool
-	status   = "Start!"
-	connType = "tcp"
-	cl       = new(client.TRPClient)
+	start     bool
+	status    = "Start!"
+	connType  = "tcp"
+	cl        = new(client.TRPClient)
+	refreshCh = make(chan struct{})
 )

 func WidgetScreen() fyne.CanvasObject {
@ -54,28 +55,8 @@ func makeMainTab() fyne.Widget {
 	radio := widget.NewRadio([]string{"tcp", "kcp"}, func(s string) { connType = s })
 	radio.Horizontal = true

-	refreshCh := make(chan struct{})
 	button := widget.NewButton(status, func() {
-		start = !start
-		if start {
-			status = "Stop!"
-			// init the npc
-			fmt.Println("submit", serverPort.Text, vKey.Text, connType)
-			sp, vk, ct := loadConfig()
-			if sp != serverPort.Text || vk != vKey.Text || ct != connType {
-				saveConfig(serverPort.Text, vKey.Text, connType)
-			}
-			cl = client.NewRPClient(serverPort.Text, vKey.Text, connType, "", nil)
-			go cl.Start()
-		} else {
-			// close the npc
-			status = "Start!"
-			if cl != nil {
-				go cl.Close()
-				cl = nil
-			}
-		}
-		refreshCh <- struct{}{}
+		onclick(serverPort.Text, vKey.Text, connType)
 	})
 	go func() {
 		for {
@ -103,6 +84,7 @@ func makeMainTab() fyne.Widget {
 		vKey.SetText(vk)
 		connType = ct
 		radio.SetSelected(ct)
+		onclick(sp, vk, ct)
 	}

 	return widget.NewVBox(
@ -115,6 +97,29 @@ func makeMainTab() fyne.Widget {
 	)
 }

+func onclick(s, v, c string) {
+	start = !start
+	if start {
+		status = "Stop!"
+		// init the npc
+		fmt.Println("submit", s, v, c)
+		sp, vk, ct := loadConfig()
+		if sp != s || vk != v || ct != c {
+			saveConfig(s, v, c)
+		}
+		cl = client.NewRPClient(s, v, c, "", nil, 60)
+		go cl.Start()
+	} else {
+		// close the npc
+		status = "Start!"
+		if cl != nil {
+			go cl.Close()
+			cl = nil
+		}
+	}
+	refreshCh <- struct{}{}
+}
+
 func getDir() (dir string, err error) {
 	if runtime.GOOS != "android" {
 		dir, err = os.UserConfigDir()
--- a/lib/config/config.go
+++ b/lib/config/config.go
@ -17,6 +17,7 @@ type CommonConfig struct {
 	AutoReconnection bool
 	ProxyUrl         string
 	Client           *file.Client
+	DisconnectTime   int
 }

 type LocalServer struct {
@ -147,6 +148,8 @@ func dealCommon(s string) *CommonConfig {
 			c.Client.Remark = item[1]
 		case "pprof_addr":
 			common.InitPProfFromArg(item[1])
+		case "disconnect_timeout":
+			c.DisconnectTime = common.GetIntNoErrByStr(item[1])
 		}
 	}
 	return c
--- a/lib/crypt/tls.go
+++ b/lib/crypt/tls.go
@ -1,22 +1,37 @@
 package crypt

 import (
+	"crypto/rand"
+	"crypto/rsa"
 	"crypto/tls"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"log"
+	"math/big"
 	"net"
 	"os"
+	"time"

 	"github.com/astaxie/beego/logs"
 )

-var pemPath, keyPath string
+var (
+	cert tls.Certificate
+)

-func InitTls(pem, key string) {
-	pemPath = pem
-	keyPath = key
+func InitTls() {
+	c, k, err := generateKeyPair("NPS Org")
+	if err == nil {
+		cert, err = tls.X509KeyPair(c, k)
+	}
+	if err != nil {
+		log.Fatalln("Error initializing crypto certs", err)
+	}
 }

 func NewTlsServerConn(conn net.Conn) net.Conn {
-	cert, err := tls.LoadX509KeyPair(pemPath, keyPath)
+	var err error
 	if err != nil {
 		logs.Error(err)
 		os.Exit(0)
@ -32,3 +47,41 @@ func NewTlsClientConn(conn net.Conn) net.Conn {
 	}
 	return tls.Client(conn, conf)
 }
+
+func generateKeyPair(CommonName string) (rawCert, rawKey []byte, err error) {
+	// Create private key and self-signed certificate
+	// Adapted from https://golang.org/src/crypto/tls/generate_cert.go
+
+	priv, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return
+	}
+	validFor := time.Hour * 24 * 365 * 10 // ten years
+	notBefore := time.Now()
+	notAfter := notBefore.Add(validFor)
+	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
+	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
+	template := x509.Certificate{
+		SerialNumber: serialNumber,
+		Subject: pkix.Name{
+			Organization: []string{"My Company Name LTD."},
+			CommonName:   CommonName,
+			Country:      []string{"US"},
+		},
+		NotBefore: notBefore,
+		NotAfter:  notAfter,
+
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
+		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
+		BasicConstraintsValid: true,
+	}
+	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
+	if err != nil {
+		return
+	}
+
+	rawCert = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	rawKey = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
+
+	return
+}
--- a/lib/version/version.go
+++ b/lib/version/version.go
@ -1,6 +1,6 @@
 package version

-const VERSION = "0.26.6"
+const VERSION = "0.26.7"

 // Compulsory minimum version, Minimum downward compatibility to this version
 func GetVersion() string {
--- a/server/proxy/http.go
+++ b/server/proxy/http.go
@ -130,7 +130,7 @@ func (s *httpServer) handleHttp(c *conn.Conn, r *http.Request) {
 	defer func() {
 		if connClient != nil {
 			connClient.Close()
-		}else {
+		} else {
 			s.writeConnFail(c.Conn)
 		}
 		c.Close()
--- a/server/server.go
+++ b/server/server.go
@ -85,8 +85,8 @@ func DealBridgeTask() {
 }

 //start a new server
-func StartNewServer(bridgePort int, cnf *file.Tunnel, bridgeType string) {
-	Bridge = bridge.NewTunnel(bridgePort, bridgeType, common.GetBoolByStr(beego.AppConfig.String("ip_limit")), RunList)
+func StartNewServer(bridgePort int, cnf *file.Tunnel, bridgeType string, bridgeDisconnect int) {
+	Bridge = bridge.NewTunnel(bridgePort, bridgeType, common.GetBoolByStr(beego.AppConfig.String("ip_limit")), RunList, bridgeDisconnect)
 	go func() {
 		if err := Bridge.StartTunnel(); err != nil {
 			logs.Error("start server bridge error", err)
--- a/server/test/test.go
+++ b/server/test/test.go
@ -52,10 +52,10 @@ func TestServerConfig() {
 			if port, err := strconv.Atoi(p); err != nil {
 				log.Fatalln("get https port error", err)
 			} else {
-				if !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("pemPath"))) {
+				if beego.AppConfig.String("pemPath") != "" && !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("pemPath"))) {
 					log.Fatalf("ssl certFile %s is not exist", beego.AppConfig.String("pemPath"))
 				}
-				if !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("ketPath"))) {
+				if beego.AppConfig.String("keyPath") != "" && !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("keyPath"))) {
 					log.Fatalf("ssl keyFile %s is not exist", beego.AppConfig.String("pemPath"))
 				}
 				isInArr(&postTcpArr, port, "http port", "tcp")
--- a/web/controllers/base.go
+++ b/web/controllers/base.go
@ -33,12 +33,12 @@ func (s *BaseController) Prepare() {
 	timestamp := s.GetIntNoErr("timestamp")
 	configKey := beego.AppConfig.String("auth_key")
 	timeNowUnix := time.Now().Unix()
-	if !(md5Key!="" && (math.Abs(float64(timeNowUnix-int64(timestamp))) <= 20) && (crypt.Md5(configKey+strconv.Itoa(timestamp)) == md5Key)) {
+	if !(md5Key != "" && (math.Abs(float64(timeNowUnix-int64(timestamp))) <= 20) && (crypt.Md5(configKey+strconv.Itoa(timestamp)) == md5Key)) {
 		if s.GetSession("auth") != true {
 			s.Redirect(beego.AppConfig.String("web_base_url")+"/login/index", 302)
 		}
-	}else {
-		s.SetSession("isAdmin",true)
+	} else {
+		s.SetSession("isAdmin", true)
 		s.Data["isAdmin"] = true
 	}
 	if s.GetSession("isAdmin") != nil && !s.GetSession("isAdmin").(bool) {
@ -141,10 +141,17 @@ func ajax(str string, status int) map[string]interface{} {
 }

 //ajax table返回
-func (s *BaseController) AjaxTable(list interface{}, cnt int, recordsTotal int) {
+func (s *BaseController) AjaxTable(list interface{}, cnt int, recordsTotal int, kwargs map[string]interface{}) {
 	json := make(map[string]interface{})
 	json["rows"] = list
 	json["total"] = recordsTotal
+	if kwargs != nil {
+		for k, v := range kwargs {
+			if v != nil {
+				json[k] = v
+			}
+		}
+	}
 	s.Data["json"] = json
 	s.ServeJSON()
 	s.StopRun()
--- a/web/controllers/client.go
+++ b/web/controllers/client.go
@ -28,7 +28,12 @@ func (s *ClientController) List() {
 		clientId = clientIdSession.(int)
 	}
 	list, cnt := server.GetClientList(start, length, s.getEscapeString("search"), s.getEscapeString("sort"), s.getEscapeString("order"), clientId)
-	s.AjaxTable(list, cnt, cnt)
+	cmd := make(map[string]interface{})
+	ip := s.Ctx.Request.Host
+	cmd["ip"] = common.GetIpByAddr(ip)
+	cmd["bridgeType"] = beego.AppConfig.String("bridge_type")
+	cmd["bridgePort"] = server.Bridge.TunnelPort
+	s.AjaxTable(list, cnt, cnt, cmd)
 }

 //添加客户端
--- a/web/controllers/index.go
+++ b/web/controllers/index.go
@ -82,7 +82,7 @@ func (s *IndexController) GetTunnel() {
 	taskType := s.getEscapeString("type")
 	clientId := s.GetIntNoErr("client_id")
 	list, cnt := server.GetTunnel(start, length, taskType, clientId, s.getEscapeString("search"))
-	s.AjaxTable(list, cnt, cnt)
+	s.AjaxTable(list, cnt, cnt, nil)
 }

 func (s *IndexController) Add() {
@ -215,7 +215,7 @@ func (s *IndexController) HostList() {
 		start, length := s.GetAjaxParams()
 		clientId := s.GetIntNoErr("client_id")
 		list, cnt := file.GetDb().GetHost(start, length, clientId, s.getEscapeString("search"))
-		s.AjaxTable(list, cnt, cnt)
+		s.AjaxTable(list, cnt, cnt, nil)
 	}
 }

--- a/web/views/login/index.html
+++ b/web/views/login/index.html
@ -72,7 +72,7 @@
        </div>
    </div>
    <hr/>
-    <div class="footer">
+    <div class="footer" style="position: unset;">
        <div class="pull-right">
            <span langtag="word-readmore"></span> <strong><a href="https://ehang.io/nps" langtag="word-go"></a></strong>
        </div>
@ -104,4 +104,4 @@
    }
 </script>
 </body>
-</html>
+</html>